Professionalizing Cyber
Professionalizing Cybersecurity: Why It's Time to Embrace 'Data Care'
Imagine this: you're 30,000 feet in the air, and a robotic assistant on your flight suddenly falls victim to ransomware. The flight attendant urgently asks over the intercom, "Are there any Data Care professionals onboard?" It might sound like a scene from a sci-fi movie, but it's a thought experiment that highlights a powerful question: When will cybersecurity professionals be viewed with the same urgency, trust, and professionalism as doctors, lawyers, and accountants?
In this week's video on Gula Tech Adventures, Ron Gula dives into what it will take to professionalize the cybersecurity industry and explores the transformative concept of rebranding our field as "Data Care." It's not just a name change—it's a shift in mindset, strategy, and inclusivity.
The Case for Professionalization
Healthcare professionals are respected and specialized—from neurosurgeons and nurses to nutritionists and pediatricians. In cybersecurity, we have similar specializations: penetration testers, incident responders, compliance experts, and malware analysts. Yet, to the outside world, these roles often blend into a single blurry image of "the IT guy."
To elevate cybersecurity to a professional standard, we need to make these distinctions clear. We must highlight that our field is not only about defense or offense but includes strategic planning, system care, education, and more. Every role in this ecosystem matters—patch management, risk compliance, and secure configuration are as vital as red teaming.
Introducing "Data Care"
Ron and Cyndi Gula have long advocated for rebranding cybersecurity as "Data Care." This shift in terminology addresses multiple challenges:
1. Breaking Down Barriers to Entry
The word "security" carries baggage. In some communities, particularly among African Americans and economically disadvantaged groups, the term is associated with policing, enforcement, and systemic inequality. Reframing the field as Data Care could make it more approachable and less intimidating.
Cybersecurity also suffers from a problem of representation. The field is still dominated by white men, and the current branding—with military-esque imagery of "fighting threats" and "running into the fire"—can alienate women and others who don't see themselves in those narratives.
By emphasizing care, responsibility, and stewardship, Data Care reframes the industry in a way that welcomes a broader range of talent and aligns with roles like nursing, education, and social work.
2. Fostering Responsibility
In healthcare and law, there is an understood baseline of personal responsibility. You're expected to brush your teeth, exercise, and follow the law. Similarly, Data Care shifts the narrative from "blame the user" to shared responsibility.
Calling someone a "stupid user" for getting phished is not only unprofessional—it's counterproductive. If we expect the public to take cybersecurity seriously, we must communicate in a way that empowers, not shames.
Against a Separate Cyber Force
Should we establish a dedicated military branch for cyber, akin to Space Force? Ron says no.
Despite interest in creating a cyber-specific force, cybersecurity is a foundational domain that permeates all sectors—government, military, civilian, and commercial. Creating a separate entity could isolate cyber professionals from broader systems they aim to protect.
For comparison, the U.S. doesn't have a dedicated "medical force." Instead, every military branch has medical personnel embedded within it. Cybersecurity should follow a similar model. The current structure, with Cyber Command coordinating across existing branches, already reflects this integrated approach.
(Editor’s Note: An AI assistant in the video reminds us that the U.S. Public Health Service is technically a uniformed medical service—a model worth examining for cyber roles too.)
Changing the Conversation with the Public
Part of professionalizing Data Care is adjusting how we talk about it. Too often, cybersecurity advice is disjointed:
One day it's "enable two-factor authentication"
The next it's "don’t use Chinese cloud apps"
Then it's "move to zero trust"
This scattershot messaging dilutes trust and creates confusion. Instead, we should advise individuals and organizations to treat cybersecurity like any other business function:
Hire a Managed Service Provider (MSP)
Work with cybersecurity professionals the same way you would a CPA or legal counsel
Positioning cybersecurity professionals as trusted advisors—not just emergency responders—will help standardize expectations and elevate credibility.
Certifications and Specialization
Professional fields have credentials. Doctors pass boards. Lawyers pass the bar. What about cybersecurity?
Certifications like CISSP and CEH exist but vary widely in rigor. More impactful are recent certifications aimed at board-level responsibility, like:
NACD Cyber Risk Certification
Digital Directors Network QTE
These are designed not just for practitioners, but for leadership—to elevate cybersecurity awareness and responsibility in corporate governance.
There's also the Cyber Warfare Engineer designation within the Department of Defense—a specialized track akin to weapons engineering for digital capabilities.
The future of Data Care certification must be layered and role-specific. We need certifications not just for pen testers, but for firewall admins, compliance managers, threat hunters, and incident responders. Most importantly, we need continuing education to match the pace of technological change.
Caring for Critical Infrastructure
Let’s not forget: cybersecurity is about more than just protecting data—it’s about preserving life as we know it. Water systems, hospitals, power grids, transportation, and supply chains all depend on secure digital infrastructure.
We don’t talk about this enough. The stakes are existential, and the public deserves to understand how cybersecurity professionals—Data Care professionals—play a role in protecting these lifelines.
The more we frame our work as essential care for critical systems, the more seriously our role will be taken.
A New Narrative
What if every cybersecurity worker identified as a "Data Care Professional"?
What if job titles reflected this holistic mission—Data Care Analyst, Data Care Architect, Data Care Nurse?
What if we trained and licensed these roles with the same gravity as EMTs or accountants?
What if, on your next flight, the intercom buzzed, "Is there a Data Care professional onboard?" and you proudly raised your hand?
That’s the future Ron Gula envisions. A future where cybersecurity is not just about threat hunting and zero days, but about care, accountability, trust, and professionalism.
Call to Action
At Gula Tech Adventures, we’re not just investing in companies—we’re investing in the future of our field. If you agree with the vision of Data Care:
Reframe how you talk about your cyber role
Encourage diverse pathways into the field
Support certifications and continuing education
Treat cybersecurity like a profession, not just a passion
And above all, speak with the public the way a doctor or lawyer would—with clarity, empathy, and authority.
Let’s build an industry where the public trusts us, respects us, and calls on us when it matters most.
I'm Ron Gula. Thanks for reading. Subscribe to our channel, connect with us on LinkedIn, and let us know your thoughts. Let's professionalize cybersecurity—one conversation at a time.